Unrated severityNVD Advisory· Published Jan 12, 2009· Updated Jun 16, 2026
CVE-2008-5899
CVE-2008-5899
Description
CodeAvalanche FreeForAll stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for _private/CAFFAPage.mdb. NOTE: some of these details are obtained from third party information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:codeavalanche:freeforall:_nil_:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:codeavalanche:freeforall:_nil_:*:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.